﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using SqlShareAPI;

namespace WebQueryRole
{
    public partial class admin : System.Web.UI.Page
    {
        protected SSAPIFactory _factory;

        protected override void OnInit(EventArgs e)
        {
            _factory = CloudUtil.CreateSSAPIFactory();
            base.OnInit(e);
        }

        protected override void OnLoadComplete(EventArgs e)
        {
            base.OnLoadComplete(e);
            _factory.Close();
        }

        protected void Page_Load(object sender, EventArgs e)
        {
            

            // this will redirect user if not logged in
            UserSession session = WebAuthentication.IsLoggedIn(this, _factory);
            if (session == null)
            {
                return;
            }

            if (!session.IsAdmin)
            {
                informationDiv.InnerText = "Sorry, you do not have permissions to create a user, this form will not work for current user";
                return;
            }

            // if we got to this page with post data..
            string submitType = Request.Form["submit"];


            if (!String.IsNullOrEmpty(submitType) && submitType.Equals("create"))
            {

                string username = Request["create-username"];
                string password = Request["create-password"];
                string passwordConfirm = Request["create-password-confirm"];
                string fullname = Request["create-fullname"];
                string isAdminStr = Request["create-admin"];
                bool isAdmin = !String.IsNullOrEmpty(isAdminStr) && isAdminStr.Equals("on");

                // sanity checks
                if (String.IsNullOrEmpty(username))
                {
                    informationDiv.InnerText = "Invalid: username cannot be empty";
                    return;
                }

                if (String.IsNullOrEmpty(password))
                {
                    informationDiv.InnerText = "Invalid: password cannot be empty";
                    return;
                }

                if (!password.Equals(passwordConfirm))
                {
                    informationDiv.InnerText = "Passwords do not match, please try again";
                    return;
                }

                if (String.IsNullOrEmpty(fullname))
                {
                    informationDiv.InnerText = "Invalid: full name cannot be empty";
                    return;
                }

                bool success = session.AdminCreateUser(username, password, fullname, isAdmin);

                if (success)
                {
                    // user created,  return msg successful.
                    informationDiv.InnerText = "User Successfully Created: " + Request.Form["create-username"];
                }
                else
                {
                    // user was unable to be created
                    informationDiv.InnerText = "Error, Could not create user";
                }
            }
        }
    }
}